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DETAILED ACTION 

1. A Request for Continued Examination under 37 CFR 1.114, including the fee 
set forth in 37 CFR 1 .17(e), was filed in this application after final rejection. 
Since this application is eligible for continued examination under 37 CFR 
1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the 
finality of the previous office action has been withdrawn pursuant to 37 CFR 
1.114. Applicant's submission filed on 19 June 2008 has been entered. 

2. Claims 7 and 23 have been amended. Claims 10 and 26 have been 
canceled. Claims 1-6 and 31-38 are withdrawn from consideration due to 
restriction requirement. No new claims have been added. Claims 7-9, 1 1-25 
and 27-31 are now presented for examination. 

3. Applicant's amendments and argument have been fully considered, but are moot 
in view of new ground rejection as set forth below. 

Priority 

4. Applicant claimed that the current application claims priority to U.S. Provisional 
Application No. 60/427,568, entitled "IM Enterprise features," filed Nov. 20, 2002. 

Examiner had reviewed carefully the U.S. Provisional Application (60/427,568). 
The U.S. Provisional application (60/427,568) only broadly discloses secure AIM. 
However, the examiner discovered at least three claim limitations, the secure message 
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are signed and encrypted using subscriber's digital certificates, submitting a 
certificate publication request, tine publication request also specifying a digital certificate 
corresponding to the subscriber device, responsive to each certificate publication 
request, the messaging server temporarily storing the submitted digital certificate in a 
publication record in the independent claim 1 of the current application are not 
supported by the U.S. Provisional application (60/427,568). Therefore, the examiner 
will not grant the priory date as claimed. The effective filling date of the current 
application is the filling date of the current application, which is 19 November 2003. 
Claim Rejections - 35 USC § 101 

5. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, 
manufacture, or composition of matter, or any new and useful improvement 
thereof, may obtain a patent therefor, subject to the conditions and requirements 

of this title. 

6. Claims 23-25 and 27-31 are rejected under 35 U.S.C. 101 because the claimed 
invention is directed to non-statutory subject matter. 

Claims 23-25 and 27-31 are directed to a messaging server for use in managing 
the exchange message. Computer-readable data storage medium is being recited in 
claim 23. The examiner carefully and respectfully reviews page 9 of the original 
disclosure, the Applicant defines a computer-readable data storage media as being a 
signal bearing media including analog or digital transmission media and analog.... 
Computer data signal and carrier wave are not limited to that which falls within a 
statutory category of invention because it is not limited to a process, machine, 
manufacture, or a composition of matter. Instead, it includes a form of energy. Energy 
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does not fall within a statutory category since it is clearly not a series of steps or acts to 
constitute a process, not a mechanical device or combination of mechanical devices to 
constitute a machine, not a tangible physical article or object which is some form of 
matter to be a product and constitute a manufacture, and not a composition of two or 
more substances to constitute a composition of matter (MPEP 2106). 

In order to overcome the rejection, the examiner suggests the Applicant to delete 
the word "signal-bearing" and "or other suitable signal-bearing media including analog 
or digital transmission media... and wireless communications" from the original 
disclosure's par. [1027]. Please also remove "signals" and "electromagnetic waves" 
from par. [1065]. 



Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or deschbed as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the phor art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

8. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 
USPQ 459 (1966), that are applied for establishing a background for determining 
obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 
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9. This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

1 0. Claims 7-9, 1 1 -25 and 27-31 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Schoen et al. (U.S. Pub. No. 20030204720) and in view of Creighton 
et al. (U.S. Pub. No. 20020032665) 

As per claims 7 and 23, Schoen et al. discloses a method/messaging server of 
managing the exchange of secure online instant messages between subscriber devices, 
where the secure messages are signed and encrypted using subscribers' digital 
certificates ("PKI encrypted and/or signed IM packets" in fig. 1), the method comprising 
operations of: 

at one or more subscriber devices, an associated local instant messaging 
module logging in to a messaging server to begin a session of exchanging synchronous 
online messages (e.g. IM originator/recipient, IM Server in Fig. 1); 

at one or more of the logged-in devices, the associated local instant messaging 
module submitting a certificate publication request to a messaging server, the 



Application/Control Number: 10/718,290 Page 6 

Art Unit: 2135 

publication request also specifying a digital certificate corresponding to the subscriber 
device (e.g. par. [0074]); 

responsive to each certificate publication request, the messaging server 
temporarily storing the submitted digital certificate in a publication record in association 
with the submitting device as long as the associated instant messaging module 
remains logged-in to the messaging server (e.g. par. [0074]); 

responsive to prescribed events, the messaging server providing logged-in 
subscriber devices with selected information concerning certificates of other subscriber 
devices (e.g. par. [0074]). 

Schoen does not expressly disclosing receiving a particular subscriber device's 
request to un-publish its digital certificate; responsive to receiving the request, the 
messaging server removing the digital certificate from the publication record, identifying 
other logged-in subscriber devices that previously designated the particular subscriber 
device for potential future secured instant messaging, and notifying the identified 
devices of the digital certificate withdrawn from use. 

Creighton et al. discloses receiving a particular subscriber device's request to un- 
publish its digital certificate; responsive to receiving the request, the messaging server 
removing the digital certificate from the publication record, identifying other logged-in 
subscriber devices that previously designated the particular subscriber device for 
potential future secured instant messaging, and notifying the identified 
devices of the digital certificate withdrawn from use by disclosing "The business owner 
sends a request to delete the digital certificate issued to that business partner to the 
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certification authority. The certification authority checks the request, block 54, and 
takes information from this request, block 68. The certification authority invalidates the 
digital certificate by publishing it as an invalid digital certificate and 
removing it from its database, block 70. The certification authority also 
sends an update to the business owner, block 72, so the business owner may 
remove the digital certificate from its database", (e.g. par. [0042]). 

It would have been obvious to a person with ordinary skill in the art to combine 
Creighton et al.'s receiving a particular subscriber device's request to un-publish its 
digital certificate; responsive to receiving the request, the messaging server removing 
the digital certificate from the publication record, identifying other logged-in subscriber 
devices that previously designated the particular subscriber device for potential future 
secured instant messaging, and notifying the identified devices of the digital certificate 
withdrawn from use into Schoen et al. motivated by to improve security of instant 
messaging group communication. 

As per claims 8 and 24, Schoen further discloses the operation of, responsive to 
prescribed events, providing logged-in subscriber devices with selected information 
concerning certificate status of other subscriber devices comprising: responsive to a 
request from one subscriber device to establish a dialog with another subscriber 
device, the messaging server providing the requesting subscriber device with a 
representation of a digital certificate of the other subscriber device from the publication 
record (e.g. par. [0074]). 



Application/Control Number: 10/718,290 Page 8 

Art Unit: 2135 

As per claims 9 and 25, Schoen further discloses the operation of, responsive to 
prescribed events, providing logged-in subscriber devices with selected information 
concerning certificate status of other subscriber devices comprising: responsive to a 
particular subscriber device's request to publish a new digital certificate, the messaging 
server identifying other logged-in subscriber devices that have 
designated the particular subscriber device for potential future secured instant 
messaging, and providing the identified devices with a representation of the new digital 
certificate (e.g. par. [0074]). 

As per claim 11, Creighton et al. further discloses comprising: the particular 
subscriber device submitting the request to un-publish its digital certificate in response 
to at least one of the following events: (1) physical unavailability of the subscriber 
device's digital certificate, (2) logical unavailability of the subscriber device's 
corresponding digital certificate, (3) user election to un-publish the subscriber device's 
digital certificate (e.g. par. [0042]). 

As per claims 12 and 27, Schoen further discloses the operation of, responsive 
to prescribed events, providing logged-in subscriber devices with selected information 
concerning certificate status of other subscriber devices comprising: responsive to a 
request from a first subscriber device to establish a dialog with a second subscriber 
device, the messaging server denying supplication of the second 
subscriber's digital certificate to the first subscriber whenever the second subscriber's 
digital certificate has experienced one or more of the following actions: invalidity, 
revocation, un-publication (e.g. par. [0073]). 
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As per claim 13, Creighton et al. further discloses comprising: delaying submittal 
of the certificate publication request under preventive circumstances including at least 
one of the following: (1) physical unavailability of the digital certificate, (2) logical 
unavailability of the digital certificate, (3) user election to delay publication of the digital 
certificate (e.g. par. [0042]). 

As per claim 14, Creighton et al. further discloses comprising: automatically 
submitting the certificate publication request when the preventive circumstances 
terminate (e.g. par. [0042]). 

As per claims 15 and 28, Schoen further discloses the operation of, responsive 
to prescribed events, providing logged-in subscriber devices with information 
concerning certificate status of other subscriber devices comprising: responsive to a 
particular subscriber device's published certificate becoming invalid, the messaging 
server identifying other logged-in subscriber devices that previously 
designated the particular subscriber device for potential future secured instant 
messaging, and notifying the identified devices of the invalid digital certificate (e.g. par. 
[0073]). 

As per claims 16 and 29, Schoen further discloses the operation of temporarily 
storing the submitted digital certificate additionally storing a representation of a chain 
record pertaining to the certificate, where storage of repetitive chain records are 
abbreviated to conserve storage space (e.g. par. [0074]) 

As per claim 17, Schoen further discloses the act of submitting the publication 
request is performed under one or more of the following conditions: (1 ) automatically in 
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response to the act of logging in to tine messaging server, (2) manually in response to 
operator direction (e.g. par. [0074]). 

As per claims 18 and 30, Creighton et al. further discloses comprising 
operations of: at one or more of the logged-in devices, an associated local instant 
messaging module submitting a certificate un-publication request to the messaging 
server responsive to specified conditions; responsive to each un-publication request, 
the messaging server removing the requesting subscriber's digital certificate from the 
publication record (e.g. par. [0042]). 

As per claims 19 and 31, Schoen further discloses where: the operations further 
comprise, responsive to each publication request, the messaging server receiving 
revocation information for the subscriber's certificate; upon expiration of the certificate 
as indicated by the revocation information, removing the subscriber's certificate from 
the publication record (e.g. par. [0073]). 

As per claims 20-22, they are rejected using the same rationale as rejecting 
claims 7-9, 11-19, 23-25 and 27-31 above. 

Conclusion 

1 1 . The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. (See PTO -892). 

In response to the current Office Action, the Applicant is respectfully requested to 
review all the reference cited by the examiner, in particular. Cooper et al. (U.S. Pub. No. 
20020029350) discloses "Virtually all web browser programs such as 
NETSCAPE... have a mechanism to store and manipulate... digital certificates. It is 
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common to see an area reserved for the creation, deletion, storage, and usage of 
digital certificates under the menu item named "options" or preference" in such web 
browser programs". 
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